CTAINASL_Week 9
| Question | Answer |
|---|---|
| Cryptography focuses only on hiding messages and does not address integrity, authentication, or non-repudiation. | False. Cryptography is not limited to confidentiality. It also supports integrity, authentication, and non-repudiation by protecting messages from tampering, verifying identities, and preventing denial of actions. |
| Plaintext is converted into ciphertext through cryptographic algorithms and protocols to secure communication. | True |
| Confidentiality in cryptography means preventing unauthorized parties from accessing sensitive information. | True |
| Integrity in cryptography is mainly concerned with proving that data was not altered during storage or transmission. | True |
| Authentication ensures that a sender and receiver can confirm identity and the origin or destination of information. | True |
| Non-repudiation means the receiver can deny receiving a message if the message was encrypted. | False. Non-repudiation means a sender cannot deny creating or transmitting information and a recipient cannot deny receiving it when proper cryptographic evidence exists. |
| Digital signatures can support both integrity checking and non-repudiation. | True |
| Symmetric-key encryption uses two different keys: one public key and one private key. | False. Symmetric-key encryption uses a single shared key for both encryption and decryption. |
| In symmetric encryption, the sender and receiver must share the same secret key before secure communication can work. | True |
| AES is an example of symmetric-key encryption. | True |
| Asymmetric-key encryption is also called public-key encryption. | True |
| In asymmetric encryption, the public key is kept secret while the private key is freely available. | False. The public key may be freely available while the private key must be kept secret. |
| RSA and Diffie-Hellman are examples associated with asymmetric cryptography. | True |
| Symmetric encryption is generally faster than asymmetric encryption. | True |
| Secret-key encryption and private-key encryption are alternative names for symmetric-key encryption. | True |
| The Caesar Cipher encrypts text by shifting letters by a fixed number of positions in the alphabet. | True |
| With a Caesar Cipher shift of 3, the plaintext HELLO becomes KHOOR. | True |
| The Caesar Cipher is considered a complex modern encryption algorithm suitable for high-security applications. | False. The Caesar Cipher is one of the simplest symmetric ciphers and is not suitable for modern high-security use. |
| The Vigenere Cipher uses a keyword to determine the shifting pattern for each plaintext letter. | True |
| In the Vigenere Cipher, the keyword is repeated until it matches the length of the plaintext. | True |
| The Vigenere Cipher provides stronger encryption than the Caesar Cipher because it does not use only one fixed shift. | True |
| AES supports key sizes of 128, 192, and 256 bits. | True |
| AES has been adopted as a standard encryption algorithm by the United States government. | True |
| DES uses a 256-bit key and is stronger than AES. | False. DES uses a 56-bit key and is now considered relatively weak due to advances in computing power. |
| Triple DES improves on DES by applying the DES algorithm three times. | True |
| DES is considered relatively weak today because modern computing power has made attacks more practical. | True |
| The negotiation stage is used to agree on cryptographic parameters before secure communication is fully established. | True |
| The main purpose of the negotiation stage is to delete the need for encryption by proving the parties already trust each other. | False. The negotiation stage is used to establish a secure encrypted channel by agreeing on configurations such as algorithms, versions, and other parameters. |
| SSL and TLS are commonly used to secure communication over the internet. | True |
| During SSL or TLS negotiation, the client and server may agree on the protocol version, cipher suites, and other secure connection parameters. | True |
| SSL or TLS provides encryption and authentication mechanisms for confidentiality and integrity between a client and a server. | True |
| IPSec is mainly used to secure IP communications and is commonly used in virtual private networks. | True |
| During IPSec negotiation, two peers agree on items such as encryption algorithms, authentication methods, and key management protocols. | True |
| IPSec is a password storage algorithm used only for encrypting local user accounts. | False. IPSec is a suite of protocols used for securing IP communications, usually in network-level secure connections such as VPNs. |
| The initial authentication stage occurs after the negotiation stage in the cryptographic communication process. | True |
| The purpose of the initial authentication stage is to verify the identities of the communicating parties. | True |
| Certificates, pre-shared keys, and passwords are methods that may be used for initial authentication. | True |
| Certificates are issued by trusted Certificate Authorities and contain identity information about an entity. | True |
| A certificate can be verified by checking its digital signature using the Certificate Authority public key. | True |
| Certificate-based authentication helps establish trust between communicating parties. | True |
| Pre-shared keys are secret keys known in advance by both communicating parties. | True |
| In pre-shared key authentication, the parties use shared secret knowledge to verify identity and establish trust. | True |
| Pre-shared keys are best suited for situations involving a limited number of trusted entities. | True |
| Passwords can be used for initial authentication, but may be weaker than certificates or pre-shared keys. | True |
| Passwords are immune to dictionary attacks and password guessing when used in cryptographic authentication. | False. Passwords can be vulnerable to dictionary attacks, password guessing, and other attacks, especially when weak or poorly protected. |
| A password alone usually provides the same level of security as certificates. | False. Passwords alone may not provide the same level of security because they are vulnerable to attacks such as guessing and dictionary attacks. |
| Cryptographic protocols help define how encryption, authentication, and parameter agreement are performed during secure communication. | True |
| A secure cryptographic communication process may involve negotiation first, followed by initial authentication. | True |
| Using encryption without authentication can still leave communication vulnerable to impersonation. | True |
| A public key can be used in asymmetric cryptography without exposing the private key. | True |
| The private key in asymmetric cryptography should remain confidential because exposing it can break the security of the system. | True |